Share this Job

Cybersecurity Defence & Response Specialist

Job Location: Luxembourg

Company description

Ferrero is a family-owned company with a truly progressive and global outlook and iconic brands such as Nutella®, Tic Tac®, Ferrero Rocher®, Raffaello®, Kinder Bueno® and Kinder Surprise®. As the love for our brands continues to grow, so too does our global reach. Represented in 55 countries, with products sold in more than 170, the Ferrero Group is loved by generations around the world. The secret to our global success? Nearly 35,000 dedicated employees who celebrate care and quality to craft a business, careers and brands we are proud of. Join us, and you could be one of them. 

Diversity Statement

Ferrero is committed to building a diverse and inclusive culture in which all employees feel welcomed and appreciated and have the same opportunities. We believe all of our people are equally talented in their own way. In nurturing the curiosity and natural abilities of our employees, we provide them, generation after generation, the means to succeed personally and professionally, enabling them to craft their journey at Ferrero. The diversity of our talents is what makes our work environment multicultural, innovative and highly rewarding.

About the Role:

For our Ferrero HQs in Luxembourg, we are looking for a Cybersecurity Defence & Response Specialist who will be part of the Global Advanced Cyber Defense Center (ACDC).

The incumbent will be engaged both in operations and development side of cyber defensive function. The role merges Incident Responder duties with Blue Team activities and is full of action. He or she will be tasked with improving cyber defensive posture through work on detection and response mechanisms, automation rules and scripts, data analysis concepts and informing general Cyber Security team on proposed companywide improvements. The role involves end-to-end incident response duties including triage, forensics, and remediation as well as crossfunctional interactions and collaboration providing thus the opportunity to a versatile development. 

Main Responsibilities:

Main Tasks:

  • Perform on-the-host and on-the-network triage, initiate remediation efforts;
  • Cooperate with SOC and NOC to initiate incident response;
  • Integrate multiple data sources via API, query languages, reports or custom scripts;
  • Be ready to transition into Threat Hunter or Incident Commander role;
  • Lead improvement project in the cyber defense domain in agile fashion.

Who we are looking for:


  • Master Degree in Engineering, Computer Science, Informatics, Mathematics or other related fields;
  • 2-4 years of experience in areas of incident response and elements of forensics;
  • Previous work experience as a SOC operator, SOC analyst, Event Analyst, First Responder or similar;
  • Experience with modern and automated tech supporting forensics, network or host response, collection of data, monitoring, analysis, malware analysis, postmortem investigation etc.;
  • Understanding the defensive operations and improvements such as security tool administration, detection rule engineering, scripting, cloud security solution and query languages;
  • Network services and protocols;
  • In depth understanding of incident management and engineering processes;
  • Experience with tools and methods for centralized and decentralized log review, live response and forensics;
  • Experience with cloud solutions and modern technology via API, scripting and general engineering;
  • Network services and protocols;    
  • Self-motivated, goal and result-oriented, customer driven and able to work in a team;    
  • Ethical and strong personal values;
  • Analytical with synthetic thinking capabilities and communication skills;
  • Ability to adapt to different and difficult scenarios;
  • Enthusiasm and commitment to excellence with a result-oriented approach;
  • Ethical and strong personal values.


IT Skills & Other:

  • Excellent command of Microsoft Office;
  • Knowledge of PowerShell and SQL-like query languages;
  • Certifications: ISO/IEC 27001:2013 Auditor/Lead Auditor, GIAC, CISA, CISM and ISC2 CISSP or other professional certifications related to Cybersecurity will be considered a plus.


Language Skills:

  • Fluency in spoken and written English;
  • Knowledge of any other European language will be considered a plus.

We offer:

  • An international and challenging working environment;
  • An attractive salary package. 

How to be successful in the role and at Ferrero:

Consumers, quality and care are at the heart of everything we do. So, to be successful at Ferrero, you’ll need to be just as consumer and product centric as we are - dedicated to crafting brilliant results for consumers around the world.